<?php
require 'auth.php';
require '../config/config.php';

if(!isset($_GET['id'])){
	header("Location: ../news.php");
	exit();
}
mydb_connect();

$qry = $conn->prepare("UPDATE `news` SET `ispub`=:ispub WHERE id = :id");
$authorSelect = $conn->query("SELECT * FROM `users` WHERE id = '".$_SESSION['USER_ID']."'");
							$author = $authorSelect->fetch();
							if(isset($_GET['unpublish'])){
								if($author['role']=="chief_editor"){
									$qry->execute(array('id' => $_GET['id'], 'ispub'=>'2'));
									header("location:../news_chief_editor.php?confirm=success");
								}
							}
							else{
							if($author['role']=="tech_editor"){
								$qry->execute(array('id' => $_GET['id'], 'ispub'=>'1'));
								header("location:../news_tech_editor.php?confirm=success");
							}
							if($author['role']=="lang_editor"){
								$qry->execute(array('id' => $_GET['id'], 'ispub'=>'2'));
								header("location:../news_lang_editor.php?confirm=success");
							}
							if($author['role']=="chief_editor"){
								$qry->execute(array('id' => $_GET['id'], 'ispub'=>'yes'));
								header("location:../news_chief_editor.php?confirm=success");
							}
							}
							exit();
?>